Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2025-38304

UNKNOWN

Bluetooth: Fix NULL pointer deference on eir_get_service_data

Published Jul 10, 2025

Modified 2 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

Bluetooth: Fix NULL pointer deference on eir_get_service_data

The len parameter is considered optional so it can be NULL so it cannot be used for skipping to next entry of EIR_SERVICE_DATA.

References

WEBhttps://git.kernel.org/stable/c/20a2aa01f5aeb6daad9aeaa7c33dd512c58d81eb WEBhttps://git.kernel.org/stable/c/497c9d2d7d3983826bb02c10fb4a5818be6550fb WEBhttps://git.kernel.org/stable/c/4bf29910570666e668a60d953f8da78e95bb7fa2 WEBhttps://git.kernel.org/stable/c/7d99cc0f8e6fa0f35570887899f178122a61d44e WEBhttps://git.kernel.org/stable/c/842f7c3154d5b25ca11753c02ee8cf6ee64c0142 WEBhttps://lists.debian.org/debian-lts-announce/2025/10/msg00008.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2025-38304

Ecosystems

Timeline

PublishedJul 10, 2025

ModifiedNov 3, 2025

CVE-2025-38304 | Mondoo Vulnerability Intelligence